[SGVLUG] Database security for "sql" databases

Emerson, Tom Tom.Emerson at wbconsultant.com
Fri Jul 15 12:08:18 PDT 2005


I'm trying to determine and/or validate that the proper permissions have been "granted" to the proper people for a particular SQL database, and, well, I'm running into "difficulties".

I don't know if this is true of "sql databases" in general, or just the one I'm using.  From the interactive SQL / query utility supplied by the vendor, I see I can issue "GRANT..." commands to allow other users and entities access (or REVOKE to remove those access rights)  What I cannot find is any command to REVIEW the current access rights.

I guess I'm kind of spoiled by the DB I've been using, but "security" for that database MUST be supplied as part of the "schema" and is defined in the most basic way: can you READ or can you WRITE to the table (or if you want to get fancy and shoot yourself in the foot, this can be extended down to the item level...)  This is just "simpler" than pondering the nuances of "update" vs "delete" [because if you can update but not delete something, you can conceivably change the values to nulls, zeroes, or otherwise "blank" data, which is almost indistinguishable from a record that doesn't exist...]

Any thoughts?


More information about the SGVLUG mailing list